|
0800 - 0850 |
+ breakfast
 |
|
0850 - 0900 |
+ jeff moss: welcome & introduction to black hat usa 2010 |
|
0900 - 0950 |
+ keynote speaker: jane holl lute, dhs // augustus ballroom |
|
TRACK |
//Programmatic |
//OS Wars |
//Infrastructure |
//Reverse Engineering |
//Mobile |
//Executive |
//Cyber War & Peace |
//Malware
+Fingerprinting |
//Network |
//Bug Collecting |
//Special Events |
ROOM |
Milano 1+2+3+4 |
Milano 5+6+7+8 |
Roman |
Augustus 1+2 |
Augustus 3+4 |
Forum 25 |
Florentine |
Augustus 5+6 |
Forum 24 |
Neopolitan 1+2+3+4 |
Pompeian |
|
0950 - 1000 |
+ break
|
|
1000 - 1100 |
Long Le:
Payload Already Inside: Data Re-Use for ROP exploits |
Scott Stender,Rachel Engel, Brad Hill:
Attacking Kerberos Deployments |
Ben Feinstein, Jeff Jarmoc & Dan King:
The Emperor Has No Clothes: Insecurities in Security Infrastructure |
Jeongwook Oh:
ExploitSpotting: Locating Vulnerabilities Out Of Vendor Patches Automatically |
The Grugq:
Base Jumping: Attacking GSM Base Station Systems and Mobile Phone Base Bands |
Panel:
Optimizing the Security Researcher and CSO Relationship |
Wayne Huang, Caleb Sima:
Drivesploit: Circumventing both automated AND manual drive-by-download detection |
Nicholas J. Percoco,
Jibran Ilyas:
Malware Freak Show 2010: The Client-Side Boogaloo |
Leandro Meiners,
Diego Sor:
WPA Migration Mode: WEP is back to haunt you… |
Ben Nagy:
Industrial Bug Mining - Extracting, Grading and Enriching the Ore of
Exploits |
Cloud Security Alliance Summit
more info » |
|
1100 - 1115 |
+ coffee service
|
|
1115 - 1230 |
Nicolas Waisman:
Aleatory Persistent Threat |
Hernan Ochoa, Agustin Azubel:
Understanding the Windows SMB NTLM Weak Nonce Vulnerability
|
Jonathan Pollet, Joe Cummins:
Electricity for Free? The Dirty Underbelly of SCADA and Smart Meters |
Charlie Miller, Noah Johnson:
Crash Analysis using BitBlaze |
David Kane-
Parry:
More Bugs In More Places: Secure Development On Moble Platforms |
Panel:
Systemic DNS Vulnerabilities and Risk Management |
Val Smith, Colin Ames & Anthony Lai:
Balancing the Pwn Trade Deficit |
Greg Hoglund:
Malware Attribution: Tracking Cyber Spies and Digital Criminals |
Chris Paget:
Extreme-range RFID tracking |
Christiaan Beek:
Virtual Forensics |
Cloud Security Alliance Summit
more info » |
|
1230 - 1345 |
+ lunch |
|
1345 - 1500 |
Stephen de Vries:
Hacking Java Clients |
Nathan Keltner, Tim Elrod:
Adventures in Limited User Post Exploitation |
James Arlen:
SCADA and ICS for Security Experts: How to avoid Cyberdouchery |
Barnaby Jack:
Jackpotting Automated Teller Machines Redux |
Anthony Lineberry, Timothy
Wyatt & David Richardson:
These Aren't the Permissions You're Looking For |
General Michael Hayden:
Cyber war...Are we at war? And if we are, how should we fight it?
Interview:
One on One interview with General Michael Hayden
|
Chris Sumner:
Social Networking Special Ops: Extending Data Visualization Tools for faster Pwnage |
Neil Daswani:
mod_antimalware: A Novel Apache Module for Containing web-based Malware Infections
|
Enno Rey, Daniel Mende:
Burning Asgard - What happens when Loki breaks free |
Raj Umadas, Jeremy Allen:
Network Stream Debugging with Mallory |
Cloud Security Alliance Summit
more info » |
|
1500 - 1515 |
+ break
|
|
1515 - 1630 |
Lurene Grenier, Richard Johnson:
Harder, Better, Faster, Stronger: Semi-Auto Vulnerability Research |
olle b:
Standing on the Shoulders of the Blue Monster: Hardening Windows Applications
|
Dan Kaminsky:
Black Ops Of Fundamental Defense:
Web Edition |
Matthieu Suiche:
Blue Screen Of the Death is Dead. |
Vincenzo Iozzo, Ralf-Philipp Weinmann, Tim
Kornau:
Everybody be cool this is a roppery! |
Panel:
Security Innovation Network Panel: Connecting Buyers, Builders, and the Research Community |
Tom Parker:
Finger Pointing for Fun, Profit and War? |
Patrick Thomas:
BlindElephant: WebApp Fingerprinting and Vulnerability Inferencing |
Nate Lawson, Taylor Nelson:
Exploiting Timing Attacks in Widespread Systems |
Arshan Dabirsiaghi:
JavaSnoop: How to Hack Anything Written in Java |
Panel:
Hacker Court |
|
1630 - 1645 |
+ coffee service
 |
|
1645 - 1800 |
Mariano Nuñez Di Croce:
SAP Backdoors: A Ghost at the Heart of Your Business |
Alex Hutton, Allison Miller:
Ushering in the Post-GRC World: Applied Threat Modeling |
Shawn Moyer, Nathan Keltner:
Wardriving the Smart Grid: Practical Approaches to Attacking Utility Packet Radios |
Chris Tarnovsky
Semiconductor Security Awareness, Today and Yesterday |
Kevin Mahaffey, John Hering:
App Attack: Surviving the Mobile Application Explosion |
Reception:
Security Innovation Network Panel: Connecting Buyers, Builders, and the Research Community |
Thomas Ryan:
Getting In Bed With Robin Sage |
Fyodor,
David Fifield:
Mastering the Nmap Scripting Engine |
Kenton Born:
PSUDP: A Passive Approach to Network-Wide Covert Communication |
Meredith L. Patterson, Len Sassaman:
Exploiting the Forest with Trees |
Panel:
Hacker Court (cont.) |
|
1800 - 1930 |
+ gala reception
The Gala Reception will take place on the Fourth Floor, Palace Ballroom.
+ pwnie awards: presentation »
|
